US8538021B2 - Sending apparatus, receiving apparatus, sending method, and receiving method - Google Patents


Info

Publication number
US8538021B2
Authority
US
United States
Prior art keywords
frame
unit
base station
initialization vector
frame number
Prior art date
Legal status
Expired - Fee Related
Application number
US13/025,551
Other languages
English (en)
Other versions
US20110138173A1 (en)
Inventor
Masato Okuda
Current Assignee
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Legal events
    • Application filed by Fujitsu Ltd
    • Assignment of assignors' interest to Fujitsu Limited (assignor: Okuda, Masato)
    • Publication of US20110138173A1
    • Application granted
    • Publication of US8538021B2
    • Legal status: Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12 Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Definitions

  • the embodiments discussed herein are related to a sending apparatus, a receiving apparatus, a sending method, and a receiving method.
  • IP Internet Protocol
  • IETF Internet Engineering Task Force
  • AES Advanced Encryption Standard
  • ESP IPsec Encapsulating Security Payload
  • a data packet can be transmitted by mapping it to a frame which is a determined communication unit in a lower communication layer.
  • a data packet can be mapped to a radio frame in a physical layer.
  • One or more data packets can be included in a frame.
  • some encryption methods use a bit string called an initialization vector in addition to a cryptographic key. Even if plaintexts (data before encryption) are the same and cryptographic keys are the same, different cryptograms (data after encryption) can be obtained by the use of different initialization vectors. That is to say, a decrease in safety caused by the repetitive use of the same cryptographic key can be prevented by the use of an initialization vector.
  • a data packet is encrypted at a sending end by the use of a common key and an initialization vector generated for each specific data packet.
  • Information (4-byte bit string, for example) regarding the initialization vector used for the encryption is added to the encrypted data packet and is transmitted from the sending end.
  • a sending apparatus for transmitting a frame including one or more data packets, including an encryption unit which encrypts each of the data packets on the basis of a frame number of the frame used for transmitting the data packets and a determined cryptographic key and a sending unit which transmits the frame including the data packets encrypted by the encryption unit.
  • FIG. 1 illustrates a sending apparatus and a receiving apparatus
  • FIG. 2 illustrates the structure of a mobile communication system
  • FIG. 3 is a block diagram of a base station
  • FIG. 4 is a block diagram of a mobile station
  • FIG. 5 illustrates a first example of the structure of a key management table
  • FIG. 6 illustrates an example of the structure of a radio frame
  • FIG. 7 illustrates a first example of the format of a MAC-PDU
  • FIG. 8 illustrates a second example of the format of a MAC-PDU
  • FIG. 9 is a sequence diagram of the flow of control messages
  • FIG. 10 is a flow chart of a packet transmission process
  • FIG. 11 illustrates a first example of an initialization vector
  • FIG. 12 illustrates an example of an encryption method
  • FIG. 13 is a flow chart of a packet receiving process
  • FIG. 14 illustrates an example of a decoding method
  • FIG. 15 is a first flow chart of a key update process
  • FIG. 16 illustrates a second example of the structure of a key management table
  • FIG. 17 illustrates a second example of an initialization vector
  • FIG. 18 is a sequence diagram of the flow of handover control
  • FIG. 19 illustrates a third example of the structure of a key management table
  • FIG. 20 is a second flow chart of a key update process.
  • FIG. 1 illustrates a sending apparatus and a receiving apparatus.
  • a sending apparatus 1 sends a frame 3 and a receiving apparatus 2 receives the frame 3 from the sending apparatus 1 .
  • One or more data packets can be included in the frame 3 .
  • the frame 3 includes data packets 3 a and 3 b.
  • the sending apparatus 1 includes an encryption unit 1 a and a sending unit 1 b .
  • the encryption unit 1 a encrypts the data packets 3 a and 3 b .
  • a cryptographic key held by the sending apparatus 1 is used for the encryption.
  • the cryptographic key corresponds to a decoding key held by, for example, the receiving apparatus 2 .
  • a frame number 3 c of the frame 3 used for sending the data packets 3 a and 3 b is used for the encryption.
  • the frame number 3 c is used for generating, for example, an initialization vector.
  • the sending unit 1 b sends the frame 3 including the data packets 3 a and 3 b encrypted by the encryption unit 1 a.
  • the receiving apparatus 2 includes a receiving unit 2 a and a decoding unit 2 b .
  • the receiving unit 2 a receives the frame 3 from the sending apparatus 1 .
  • the decoding unit 2 b decodes the data packets 3 a and 3 b included in the frame 3 received by the receiving unit 2 a .
  • a decoding key held by the receiving apparatus 2 is used for the decoding.
  • the decoding key corresponds to the cryptographic key held by, for example, the sending apparatus 1 .
  • the frame number 3 c of the frame 3 used for sending the data packets 3 a and 3 b is used for the decoding.
  • the frame number 3 c is used for generating, for example, the initialization vector.
  • the frame number 3 c is a number for identifying each frame and is defined by, for example, the sending apparatus 1 or the receiving apparatus 2 .
  • a serial number which increments by one for each frame can be used as the frame number 3 c .
  • the frame number 3 c may be included in the frame 3 .
  • the receiving apparatus 2 can extract the frame number 3 c from the frame 3 and use it for the decoding.
  • the receiving apparatus 2 may manage a current frame number and perform the decoding on the basis of the frame number it manages.
  • the sending apparatus 1 and the receiving apparatus 2 can use a common key cryptosystem or a public key cryptosystem as a cryptographic algorithm.
  • DES Data Encryption Standard
  • AES Advanced Encryption Standard
  • in the common key cryptosystem, the cryptographic key used in the sending apparatus 1 and the decoding key used in the receiving apparatus 2 are the same (common key).
  • in the public key cryptosystem, on the other hand, the cryptographic key used in the sending apparatus 1 and the decoding key used in the receiving apparatus 2 are different (public key and secret key).
  • in the common key cryptosystem, the sending apparatus 1 and the receiving apparatus 2 agree in advance on a common key used as the cryptographic key and the decoding key.
  • the sending apparatus 1 and the receiving apparatus 2 can change the cryptographic key and the decoding key, respectively, on a regular or irregular basis. From the viewpoint of cryptographic security it is desirable that the sending apparatus 1 and the receiving apparatus 2 change the cryptographic key and the decoding key, respectively, at least once every circulation cycle, especially in the case where the frame number circulates in a determined cycle (for example, where the number increments by one for each frame and returns to a minimum value after reaching the representable maximum value).
  • the sending apparatus 1 and the receiving apparatus 2 may change the cryptographic key and the decoding key, respectively, according to the number of data packets encrypted and decoded.
  • the sending apparatus 1 communicates with the receiving apparatus 2 on a one-to-one basis.
  • the sending apparatus 1 may send data packets to a plurality of receiving apparatus 2 . In this case, it is possible to mingle the data packets to be sent to the plurality of receiving apparatus 2 in the frame 3 .
  • a plurality of sending apparatus 1 may send data packets to the receiving apparatus 2 . In this case, it is possible to mingle the data packets sent from the plurality of sending apparatus 1 in the frame 3 .
  • an index indicative of the position of a data packet in the frame 3 may be used for encrypting or decoding the data packet.
  • the index is a number indicative of where the data packet is in the frame 3 .
  • An initialization vector may be generated from the frame number 3 c and the index.
  • the sending apparatus 1 may add an index to each of the data packets 3 a and 3 b and send it.
  • Only part of a bit string indicative of the frame number 3 c may be extracted and used for performing encryption or decoding. Moreover, a bit string obtained by adding an extension bit to a bit string indicative of the frame number 3 c may be used. Such extension or shrinkage of the bit string indicative of the frame number 3 c is effective especially in the case where the cryptographic key and the decoding key are changed in a cycle different from the circulation cycle of the frame number 3 c .
  • a use for the frame number 3 c or the above index is not limited to initialization vector generation.
  • a bit string in which the cryptographic key or the decoding key and the frame number 3 c are combined may be used as a temporary cryptographic key or decoding key.
  • the data packets 3 a and 3 b are encrypted by the encryption unit 1 a on the basis of the frame number 3 c of the frame 3 used for sending them and the cryptographic key.
  • the sending unit 1 b then sends the frame 3 including the data packets 3 a and 3 b encrypted.
  • the receiving unit 2 a receives the frame 3 including the data packets 3 a and 3 b .
  • the decoding unit 2 b then decodes the data packets 3 a and 3 b included in the frame 3 received on the basis of the frame number 3 c of the frame 3 and the decoding key.
  • it is not necessary for the sending apparatus 1 to add to the data packets 3 a and 3 b, or to send separately, any information other than the decoding key which the receiving apparatus 2 uses for decoding the data packets 3 a and 3 b .
  • the receiving apparatus 2 can obtain information other than the decoding key used for decoding from the frame number 3 c of the frame 3 used for sending the data packets 3 a and 3 b . This prevents an increase in the amount of communication caused by the encryption of the data packets 3 a and 3 b.
  • a data packet is encrypted both for communication (uplink communication) from a mobile station to a base station and for communication (downlink communication) from a base station to a mobile station.
  • encryption may be performed only for up or downlink communication.
  • FIG. 2 illustrates the structure of a mobile communication system.
  • a mobile communication system according to a first embodiment includes base stations 100 and 100 a and mobile stations 200 and 200 a.
  • Each of the base stations 100 and 100 a is a radio communication apparatus.
  • the base station 100 or 100 a can perform packet communication with the mobile station 200 or 200 a .
  • the base station 100 or 100 a sends a data packet the destination of which is the mobile station 200 or 200 a via a downlink (radio link from the base station 100 or 100 a to the mobile station 200 or 200 a ).
  • the base station 100 or 100 a receives a data packet sent by the mobile station 200 or 200 a via an uplink (radio link from the mobile station 200 or 200 a to the base station 100 or 100 a ).
  • the base stations 100 and 100 a can communicate with each other via an upper station (not illustrated) such as a radio network controller. Alternatively, the base stations 100 and 100 a may communicate directly with each other.
  • Each of the mobile stations 200 and 200 a is a radio terminal unit and can perform packet communication with the base station 100 or 100 a .
  • each of the mobile stations 200 and 200 a is a portable telephone.
  • the mobile station 200 or 200 a sends a data packet to the base station 100 or 100 a via an uplink.
  • the mobile station 200 or 200 a receives a data packet the destination of which is the mobile station 200 or 200 a from the base station 100 or 100 a via a downlink.
  • the mobile station 200 is in a cell of the base station 100 .
  • each of the base stations 100 and 100 a and the mobile stations 200 and 200 a can encrypt and transmit a data packet and receive an encrypted data packet.
  • the base station 100 or 100 a corresponds to the sending apparatus 1 illustrated in FIG. 1 and the mobile station 200 or 200 a corresponds to the receiving apparatus 2 illustrated in FIG. 1 .
  • the mobile station 200 or 200 a corresponds to the sending apparatus 1 and the base station 100 or 100 a corresponds to the receiving apparatus 2 .
  • AES-CCM Counter with CBC MAC
  • AES, which is a common key cryptosystem, is used as the cryptographic algorithm (AES-CCM).
  • a data packet is encrypted in counter (CTR) mode.
  • a MAC (Message Authentication Code) generated in CBC (Cipher Block Chaining) mode is added to the data packet.
  • CBC Cipher Block Chaining
  • FIG. 3 is a block diagram of the base station.
  • the base station 100 includes an antenna 111 , an antenna sharing device 112 , a receiving unit 113 , a demodulation unit 114 , a decoding unit 115 , a control information extraction unit 116 , a packet reproduction unit 117 , a network interface 118 , a packet identification unit 119 , a packet buffer 120 , a PDU generation unit 121 , a coding unit 122 , a modulation unit 123 , a sending unit 124 , a table storage unit 125 , and a control unit 126 .
  • the base station 100 a can also be realized by the same module structure that is adopted in the base station 100 .
  • the antenna 111 is used both for sending and for receiving.
  • the antenna 111 outputs a radio signal received from the mobile station 200 or 200 a to the antenna sharing device 112 .
  • the antenna 111 radio-outputs a transmitted signal acquired from the antenna sharing device 112 .
  • a sending antenna and a receiving antenna which are distinct from each other may be used.
  • the antenna sharing device 112 separates the received signal and the transmitted signal for using the antenna 111 both for sending and for receiving.
  • the antenna sharing device 112 outputs the received signal acquired from the antenna 111 to the receiving unit 113 .
  • the antenna sharing device 112 makes the antenna 111 radio-output the transmitted signal acquired from the sending unit 124 .
  • the antenna sharing device 112 includes, in the case of FDD (Frequency Division Duplex) for example, a BPF (Band Pass Filter) for separating the received signal and the transmitted signal.
  • the receiving unit 113 converts the received signal acquired from the antenna sharing device 112 to a digital base band signal and outputs the digital base band signal to the demodulation unit 114 .
  • the receiving unit 113 includes a LNA (Low Noise Amplifier), a frequency converter, a BPF, an A/D (Analog-to-Digital) converter, a quadrature demodulator, and the like.
  • the demodulation unit 114 demodulates the digital base band signal acquired from the receiving unit 113 . In this case, a determined demodulation method or a demodulation method designated by the control unit 126 is used. The demodulation unit 114 then outputs a demodulated signal obtained to the decoding unit 115 .
  • the decoding unit 115 decodes the demodulated signal acquired from the demodulation unit 114 .
  • the decoding unit 115 performs a process including deinterleaving, error correction decoding, error detection, and the like on the demodulated signal. In this case, a determined decoding method or a decoding method designated by the control unit 126 is used.
  • the decoding unit 115 then outputs decoded data obtained to the control information extraction unit 116 .
  • the control information extraction unit 116 extracts control information generated by the mobile station 200 or 200 a from the decoded data acquired from the decoding unit 115 , and outputs the control information to the control unit 126 .
  • the control information includes a SBC-REQ (Subscriber station Basic Capability-REQuest) for sending notice of the communication capability of the mobile station 200 or 200 a , a PKM-REQ (Privacy Key Management-REQuest) for requesting a new common key, and the like.
  • the control information extraction unit 116 extracts user data from the decoded data acquired from the decoding unit 115 , and outputs the user data to the packet reproduction unit 117 .
  • the packet reproduction unit 117 acquires the user data from the control information extraction unit 116 and converts the data format of MAC-PDU (Medium Access Control-Protocol Data Unit) used in a radio interval to a packet format used in communication between the upper station and the base station. At this time it is possible to combine MAC-PDUs or divide a MAC-PDU at need. The packet reproduction unit 117 then outputs a data packet to the network interface 118 .
  • MAC-PDU Medium Access Control-Protocol Data Unit
  • the packet reproduction unit 117 includes a decoding unit 117 a . If there is an encrypted MAC-PDU, then the decoding unit 117 a decodes the MAC-PDU. At this time the decoding unit 117 a acquires a frame number of a radio frame in which the MAC-PDU to be decoded is included, an index indicative of the position of the MAC-PDU in the radio frame, and a common key (decoding key) from the control unit 126 . The decoding unit 117 a then decodes the MAC-PDU on the basis of the information acquired from the control unit 126 . The details of a decoding method will be described later.
  • the network interface 118 is a communication interface for performing packet communication with the upper station.
  • the network interface 118 sends the upper station the data packet acquired from the packet reproduction unit 117 .
  • the network interface 118 outputs a data packet acquired from the upper station to the packet identification unit 119 .
  • the packet identification unit 119 outputs the data packet acquired from the network interface 118 to the packet buffer 120 .
  • the packet identification unit 119 specifies a destination mobile station from a destination address (destination IP (Internet Protocol) address, for example) included in a header of the data packet. This can be realized, for example, in the following way.
  • the packet identification unit 119 associates an address with identification information for each mobile station and manages them.
  • the packet identification unit 119 also determines QoS (Quality of Service) corresponding to the specified mobile station.
  • the packet identification unit 119 then designates the mobile station, the QoS, and the size of the data packet and requests the control unit 126 to assign a band.
  • QoS Quality of Service
  • the packet buffer 120 is a buffer memory and temporarily stores the data packet acquired from the packet identification unit 119 . In accordance with instructions from the control unit 126 the packet buffer 120 outputs stored data packets to the PDU generation unit 121 .
  • the packet buffer 120 manages data packets according to their destinations or QoS, so the packet buffer 120 can divide its storage area into a plurality of areas. Furthermore, the packet buffer 120 may include a plurality of memory units.
  • the PDU generation unit 121 acquires a data packet including user data from the packet buffer 120 and acquires control information from the control unit 126 .
  • the control information includes a response to a SBC-REQ, a response to a PKM-REQ, and the like.
  • the PDU generation unit 121 converts the data packet to the MAC-PDU format while exercising control so as to properly arrange the user data and the control information in a radio frame. At this time the PDU generation unit 121 can combine data packets or divide the data packet at need.
  • the PDU generation unit 121 then codes the MAC-PDU and the control information and outputs them to the coding unit 122 .
  • the PDU generation unit 121 includes an encryption unit 121 a .
  • the encryption unit 121 a encrypts the data packet.
  • the encryption unit 121 a acquires a frame number of the radio frame used for sending the encrypted MAC-PDU, an index indicative of the position of the MAC-PDU in the radio frame, and a common key (cryptographic key) from the control unit 126 .
  • the encryption unit 121 a then encrypts the data packet on the basis of the information acquired from the control unit 126 . The details of an encryption method will be described later.
  • the coding unit 122 codes the MAC-PDU acquired from the PDU generation unit 121 .
  • the coding unit 122 performs a process including adding parity for error detection, error correction coding, and interleaving on the MAC-PDU. In this case, a determined coding method or a coding method designated by the control unit 126 is used.
  • the coding unit 122 then outputs coded data obtained to the modulation unit 123 .
  • the modulation unit 123 modulates the coded data acquired from the coding unit 122 .
  • a determined modulation method or a modulation method designated by the control unit 126 is used.
  • the modulation unit 123 performs digital modulation such as QPSK (Quadrature Phase Shift Keying) or 16QAM (Quadrature Amplitude Modulation).
  • the modulation unit 123 then outputs a digital base band signal obtained to the sending unit 124 .
  • the sending unit 124 converts the digital base band signal acquired from the modulation unit 123 to a transmitted signal for radio-transmitting and outputs it to the antenna sharing device 112 .
  • the sending unit 124 includes a quadrature modulator, a D/A (Digital-to-Analog) converter, a frequency converter, a BPF, a power amplifier, and the like.
  • the table storage unit 125 stores a key management table for managing a common key (which is a cryptographic key and a decoding key) used for communicating with the mobile station 200 or 200 a .
  • the table storage unit 125 stores various pieces of information, such as information regarding the communication capability of the mobile station 200 or 200 a , authentication information, QoS information, and radio resource allocation information, used for communication control. Information stored in the table storage unit 125 is referred to or updated properly by the control unit 126 .
  • the control unit 126 controls the whole of radio communication with the mobile station 200 or 200 a .
  • the control unit 126 manages the frame number of a radio frame.
  • the control unit 126 manages the update of the common key used for communicating with the mobile station 200 or 200 a .
  • when the decoding unit 117 a decodes the encrypted MAC-PDU, the control unit 126 informs the decoding unit 117 a of the frame number, the index, and the common key.
  • when the encryption unit 121 a encrypts the data packet, the control unit 126 informs the encryption unit 121 a of the frame number, the index, and the common key.
  • the same common key may be used for up and downlinks. Alternatively, different common keys may be used for up and downlinks.
  • the control unit 126 allocates a radio resource to the mobile station 200 or 200 a according to QoS.
  • the control unit 126 then gives the packet buffer 120 instructions according to an allocation result to output a data packet.
  • the control unit 126 exercises the above various kinds of control on the basis of control information acquired from the control information extraction unit 116 .
  • the control unit 126 generates control information at need and outputs it to the PDU generation unit 121 .
  • FIG. 4 is a block diagram of the mobile station.
  • the mobile station 200 includes an antenna 211 , an antenna sharing device 212 , a receiving unit 213 , a demodulation unit 214 , a decoding unit 215 , a control information extraction unit 216 , a packet reproduction unit 217 , a data processing unit 218 , a packet identification unit 219 , a packet buffer 220 , a PDU generation unit 221 , a coding unit 222 , a modulation unit 223 , a sending unit 224 , a table storage unit 225 , and a control unit 226 .
  • the mobile station 200 a can also be realized by the same module structure that is adopted in the mobile station 200 .
  • the functions of the above modules other than the data processing unit 218 are the same as those of the modules of the above base station 100 having the same names. With the mobile communication system according to this embodiment, however, it is assumed that the management of radio resource allocation is performed at the base station side. Accordingly, the mobile station 200 performs uplink communication by the use of a radio resource allocated by the base station 100 or 100 a . For example, the mobile station 200 sends the base station 100 or 100 a control information indicative of a band request so that the base station 100 or 100 a will allocate a radio resource to the mobile station 200 .
  • the data processing unit 218 performs various kinds of data processing, such as a display process and an audio output process, by the use of a data packet acquired from the packet reproduction unit 217 .
  • when data to be transmitted emerges, the data processing unit 218 generates a data packet, adds a destination address to the data packet, and outputs the data packet to the packet identification unit 219 .
  • the mobile station 200 may communicate with only one base station or communicate with a plurality of base stations in parallel at each timing. In addition, the mobile station 200 may establish only one connection with one base station or establish a plurality of connections with one base station.
  • a common key used for encrypting and decoding a data packet is prepared for, for example, each connection. In this case, key management is performed for each connection.
  • FIG. 5 illustrates a first example of the structure of a key management table.
  • a key management table 125 a is stored in the table storage unit 125 of the base station 100 .
  • a table which is the same as the key management table 125 a is also stored in the table storage unit 225 of the mobile station 200 .
  • the key management table 125 a includes CID (Connection IDentifier), Common Key, and Index items. Pieces of information in these items arranged in the horizontal direction are associated with one another.
  • CID Connection IDentifier
  • An identifier which the base station 100 or 100 a assigns to the mobile station 200 or 200 a at the time of establishing a connection is set in the CID item.
  • a plurality of CIDs may be assigned to one mobile station.
  • a common key (which is a cryptographic key and a decoding key) used for a connection indicated by a CID is set in the Common Key item.
  • a common key is a determined-length (16-byte (128-bit), for example) bit string. The bit length of a common key is determined according to a cryptographic algorithm used.
  • An index is a determined-length (1-byte (8-bit), for example) bit string. An index is initialized to zero in each radio frame and is incremented each time the common key is used for encrypting a data packet. Instead of defining an index for each common key, a single index may be defined for a plurality of common keys.
  • Information in the key management table 125 a is updated properly by the control unit 126 .
  • the information of the CID “1,” the common key “Key#a,” and the index “0” is registered in the key management table 125 a .
  • This information means that the common key “Key#a” is unused in a radio frame, that is to say, that no data packet is encrypted in a connection indicated by the CID “1.”
  • a table like the key management table 125 a is prepared, for example, for each of up and downlinks.
  • FIG. 6 illustrates an example of the structure of a radio frame.
  • a radio frame like that illustrated in FIG. 6 is used for radio communication between the base station 100 or 100 a and the mobile station 200 or 200 a .
  • uplink communication and downlink communication are realized by a TDD (Time Division Duplex) method. That is to say, each radio frame is divided into two time domains, the first half is a DL (downlink) subframe used for downlink communication, and the second half is a UL (uplink) subframe used for uplink communication.
  • uplink communication and downlink communication can be realized by a FDD (Frequency Division Duplex) method.
  • a preamble is transmitted first in the DL subframe as a known signal for identifying the head of the radio frame.
  • an FCH (Frame Control Header) is transmitted after the preamble.
  • a DL-MAP is transmitted.
  • the DL-MAP includes information which indicates how a radio resource in the DL subframe is assigned to each mobile station.
  • a UL-MAP is transmitted.
  • the UL-MAP includes information which indicates how a radio resource included in the UL subframe is assigned to each mobile station.
  • the DL-MAP also includes a frame number of the radio frame.
  • a frame number is a determined-length (3-byte (24-bit), for example) bit string.
  • Serial frame numbers are given in ascending order to a series of radio frames.
  • a frame number circulates in a determined cycle. For example, when a frame number reaches a maximum value which can be represented by 24 bits, the frame number of the next radio frame returns to zero.
  • sets of user data and control information are transmitted as DL-Bursts.
  • One or more MAC-PDUs can be included in a DL-Burst.
  • a MAC-PDU encrypted and a MAC-PDU not encrypted may mingle in a DL-Burst.
  • the destination of a MAC-PDU can be specified by a CID included in the DL-MAP or a header of the MAC-PDU.
  • the UL subframe includes a ranging area for transmitting a ranging code.
  • the mobile station 200 or 200 a can perform ranging code transmission without the permission of the base station 100 or 100 a in the ranging area.
  • the ranging area can be used for communication before establishing a connection, a band request, a hand-over request, or the like.
  • the UL subframe includes UL-Burst areas.
  • the mobile station 200 or 200 a can transmit a set of user data and control information in an area assigned thereto as a UL-Burst.
  • One or more MAC-PDUs can be included in a UL-Burst.
  • a MAC-PDU encrypted and a MAC-PDU not encrypted may mingle in a UL-Burst.
  • a blank referred to as a TTG (Transmit/Receive Transition Gap) is inserted between the DL subframe and the UL subframe.
  • a blank referred to as a RTG (Receive/Transmit Transition Gap) is inserted between the UL subframe and the next DL subframe.
  • FIG. 7 illustrates a first example of the format of a MAC-PDU.
  • This MAC-PDU is encrypted.
  • the MAC-PDU includes a 6-byte header, an encrypted payload, an 8-byte ICV (Integrity Check Value), and a 4-byte CRC (Cyclic Redundancy Check).
  • the header is information added for encapsulating a data packet in a MAC layer.
  • the header includes a 1-byte HCS (Header Check Sequence) for error detection.
  • the payload is the encrypted contents of the data packet and has variable length.
  • the ICV is authentication data generated from the contents of the data packet before the encryption. At a receiving end, the ICV can be used for checking whether the data packet is falsified or not.
  • the ICV may be encrypted like the payload or may not be encrypted.
  • the CRC is a bit string for detecting an error in the whole of the MAC-PDU added in the MAC layer.
  • FIG. 8 illustrates a second example of the format of a MAC-PDU. Like the MAC-PDU illustrated in FIG. 7 , this MAC-PDU is encrypted. In the second example, the MAC-PDU includes a 6-byte header, a 1-byte index, an encrypted payload, an 8-byte ICV, and a 4-byte CRC.
  • the meanings of the header, the payload, the ICV, and the CRC are the same as those of the header, the payload, the ICV, and the CRC included in the MAC-PDU illustrated in FIG. 7 .
  • the meaning of the index is as described in the above key management table 125 a . That is to say, a number indicative of where the encrypted MAC-PDU is in a radio frame is added to the encrypted MAC-PDU. As a result, at a receiving end it is possible to decode each MAC-PDU without being aware of the order in which MAC-PDUs are stored in the radio frame.
  • With an uplink, the mobile station 200 or 200 a generates and transmits the above MAC-PDU and the base station 100 or 100 a receives and decodes it. With a downlink, the base station 100 or 100 a generates and transmits the above MAC-PDU and the mobile station 200 or 200 a receives and decodes it.
  • the ICV may be omitted.
  • FIG. 9 is a sequence diagram of the flow of control messages. It is assumed that the mobile station 200 makes a connection with the base station 100 . The process illustrated in FIG. 9 will now be described in order of step number.
  • Step S 11 The mobile station 200 transmits control information (SBC-REQ) indicative of its communication capability to the base station 100 .
  • Information regarding a cryptographic algorithm which the mobile station 200 can use can be included in the SBC-REQ.
  • the mobile station 200 transmits the SBC-REQ by the use of, for example, a UL-burst of a radio frame.
  • Step S 12 The base station 100 transmits control information (SBC-RSP) indicative of a response to the SBC-REQ to the mobile station 200 .
  • Information regarding the designation of a cryptographic algorithm to be used can be included in the SBC-RSP.
  • information indicative of what information is added to an encrypted MAC-PDU (whether an index is added to an encrypted MAC-PDU, for example) can be included in the SBC-RSP.
  • the base station 100 transmits the SBC-RSP by the use of, for example, a DL-burst of a radio frame.
  • Step S 13 After SBC message exchange and authentication if necessary, the mobile station 200 transmits control information (PKM-REQ) by which a request to distribute a common key is made to the base station 100 .
  • the mobile station 200 transmits the PKM-REQ by the use of, for example, a UL-burst of a radio frame.
  • Step S 14 The base station 100 generates a common key and registers it in a table.
  • the base station 100 transmits control information (PKM-RSP) which indicates a response to the PKM-REQ and which includes the common key to the mobile station 200 .
  • information regarding an available period can be included in the PKM-RSP. When the available period elapses after the distribution of the common key, the common key becomes invalid.
  • the base station 100 transmits the PKM-RSP by the use of, for example, a DL-burst of a radio frame.
  • the mobile station 200 registers the common key received from the base station 100 in a table.
  • the mobile station 200 stores a frame number of the radio frame in which the PKM-RSP is included. This frame number is referred to for determining timing at which the common key is updated.
  • the mobile station 200 communicates with the base station 100 by the use of the common key registered in the table.
  • a common key for an uplink and a common key for a downlink which are distinct from each other may be prepared.
  • Step S 15 When the mobile station 200 determines that it is time to update the common key, the mobile station 200 transmits a PKM-REQ by which a request to distribute a common key is made to the base station 100 . This is the same as step S 13 . Key update timing will be described later in detail.
  • Step S 16 The base station 100 generates a common key and updates the table.
  • the base station 100 then transmits a PKM-RSP including the common key to the mobile station 200 .
  • This is the same as step S 14 .
  • the mobile station 200 updates the table by the use of the common key received from the base station 100 .
  • the mobile station 200 communicates with the base station 100 by the use of the common key after the update.
  • the base station 100 and the mobile station 200 agree in this way on the cryptographic algorithm to be used and the information added to each MAC-PDU.
  • the base station 100 then distributes a common key in response to a request from the mobile station 200 . After that, the base station 100 and the mobile station 200 change the common key on a regular or irregular basis.
  • the base station 100 distributes a common key in response to a request from the mobile station 200 .
  • the mobile station 200 may determine a common key to be used in response to a request from the base station 100 .
  • the base station 100 may distribute a common key automatically.
  • FIG. 10 is a flow chart of a packet transmission process. It is assumed that the base station 100 transmits a MAC-PDU. However, the same applies to the case where the mobile station 200 transmits a MAC-PDU. The process illustrated in FIG. 10 will now be described in order of step number.
  • Step S 21 The control unit 126 specifies a frame number of a radio frame to be transmitted next.
  • Step S 22 The control unit 126 initializes all the indices in the key management table 125 a stored in the table storage unit 125 to zero.
  • Step S 23 The control unit 126 determines whether a data packet to be transmitted by the next radio frame remains in the packet buffer 120 . If there is a remaining data packet, then step S 24 is performed. If there is no remaining data packet, then step S 28 is performed.
  • Step S 24 The PDU generation unit 121 acquires the data packet from the packet buffer 120 and specifies a CID corresponding to a destination of the data packet.
  • the encryption unit 121 a acquires the frame number specified in step S 21 and a common key and an index corresponding to the specified CID from the control unit 126 .
  • the encryption unit 121 a then generates an initialization vector from the frame number and the index. A method for generating the initialization vector will be described later in detail.
  • Step S 25 The encryption unit 121 a divides the data packet into message blocks the bit length of which corresponds to a cryptographic algorithm to be used.
  • the encryption unit 121 a then generates an ICV, which is authentication data, by the use of the message blocks.
  • the encryption unit 121 a then encrypts the message blocks and the ICV by the use of the common key and the initialization vector.
  • the generation of the ICV may be omitted. Furthermore, the ICV may not be encrypted.
  • Step S 26 The PDU generation unit 121 encapsulates the data packet (payload) and the ICV encrypted in step S 25 to generate a MAC-PDU. For example, the PDU generation unit 121 adds a MAC header and a CRC to the payload and the ICV.
  • Step S 27 The control unit 126 increments the index corresponding to the CID specified in step S 24 (adds one to the index corresponding to the CID specified in step S 24 ) and updates the key management table 125 a . Step S 23 is then performed.
  • Step S 28 The sending unit 124 transmits a signal in which the MAC-PDU that is generated in step S 26 , that is coded by the coding unit 122 , and that is modulated by the modulation unit 123 is mapped to a DL-Burst of the radio frame.
  • For each data packet, the base station 100 generates an initialization vector from the frame number of the radio frame to be used for transmission and the index of the data packet, and encrypts the data packet by the use of the initialization vector and a common key distributed in advance to the mobile station 200 .
  • a unique initialization vector is used for each data packet, so a decrease in safety caused by the repetitive use of the same common key can be prevented.
  • a frame number is used for generating an initialization vector, so it is easy to generate the initialization vector and to make the mobile station 200 reproduce the initialization vector used.
  • FIG. 11 illustrates a first example of an initialization vector.
  • the bit length of an initialization vector is 13 bytes (104 bits).
  • This initialization vector may be referred to as a nonce.
  • the initialization vector includes a 5-byte MAC header, a 4-byte determined value (reserved value), a 3-byte frame number, and a 1-byte index.
  • the MAC header is the same as that added to a MAC-PDU. With this MAC header, however, the 1-byte HCS for error detection included in the MAC header added to a MAC-PDU is removed.
  • the determined value is a fixed bit string. For example, the determined value is a bit string (represented as 0x00000000 by hexadecimal notation) in which all bits are zero.
  • the frame number is a frame number of a radio frame used for transmitting a data packet encrypted.
  • the index is a number which indicates the order in which a MAC-PDU appears in a radio frame and which is defined in each connection.
  • An initialization vector is generated by combining the above four kinds of bit strings.
  • various modifications of the order in which the above four kinds of bit strings are arranged are possible.
  • various modifications of the above bit lengths are possible.
  • FIG. 12 illustrates an example of an encryption method.
  • FIG. 12 illustrates a concrete example of the encryption performed in the above step S 25 .
  • AES-CCM is used as the cryptographic processing method. That is to say, an ICV is generated by the use of the CBC mode and a data packet is encrypted by the use of the counter mode.
  • the data packet is divided into determined-bit-length message blocks M 1 through M n .
  • a common key K is used next for generating authentication data in the CBC mode. That is to say, the leading message block M 1 is encrypted by AES.
  • An exclusive-OR operation is performed between an encryption result and the message block M 2 and an operation result is encrypted by AES.
  • the process of performing an exclusive-OR operation between an encryption result at the preceding stage and the message block M k and encrypting an operation result by AES is repeated.
  • an exclusive-OR operation is performed between an encryption result at the preceding stage and the last message block M n and an operation result is encrypted by AES. By doing so, Tag is found. Tag is the authentication data before encryption.
  • an initialization vector IV and the common key K are used for encrypting the message blocks M 1 through M n and Tag in the counter mode. That is to say, (IV+1) obtained by incrementing IV is encrypted by AES. An exclusive-OR operation is performed between an encryption result and the leading message block M 1 to find an encrypted block C 1 . Similarly, (IV+k) obtained by incrementing IV one by one is encrypted by AES and an exclusive-OR operation is performed between an encryption result and the message block M k . By doing so, an encrypted block C k is found. After the last message block M n is encrypted, finally (IV+(n+1)) is encrypted by AES and an exclusive-OR operation is performed between an encryption result and Tag. By doing so, an encrypted ICV is found.
  • a combination of the encrypted blocks C 1 through C n obtained in this way is a payload of a MAC-PDU.
  • Tag may be used as an ICV without being encrypted.
  • different common keys may be used in the CBC mode and the counter mode.
  • the message blocks M 1 through M n may be encrypted sequentially or the whole or part of the message blocks M 1 through M n may be encrypted in parallel.
  • the generation of Tag and the encryption of the message blocks M 1 through M n may be performed in parallel.
  • FIG. 13 is a flow chart of a packet receiving process. It is assumed that the mobile station 200 receives a MAC-PDU. However, the same applies to the case where the base station 100 receives a MAC-PDU. The process illustrated in FIG. 13 will now be described in order of step number.
  • Step S 31 The receiving unit 213 receives a radio frame.
  • Step S 32 The demodulation unit 214 demodulates a DL-Burst included in the radio frame received in step S 31 , and the decoding unit 215 decodes the DL-Burst.
  • the control information extraction unit 216 extracts a MAC-PDU the destination of which is the mobile station 200 .
  • Step S 33 The control unit 226 acquires a DL-MAP from the control information extraction unit 216 and specifies a frame number of the radio frame received in step S 31 . Instead of using a frame number included in the DL-MAP, however, the control unit 226 may count a frame number of the radio frame.
  • Step S 34 The control unit 226 initializes an index in a key management table (which is the same as the key management table 125 a ) stored in the table storage unit 225 to zero.
  • Step S 35 The packet reproduction unit 217 determines whether, of MAC-PDUs included in the radio frame received in step S 31 , there is a MAC-PDU which is not yet decoded. If there is a MAC-PDU which is not yet decoded, then step S 36 is performed. If there is no MAC-PDU which is not yet decoded, then the receiving process terminates.
  • Step S 36 The packet reproduction unit 217 specifies a CID corresponding to a data packet acquired from the control information extraction unit 216 .
  • a decoding unit 217 a acquires the frame number specified in step S 33 and a common key and an index corresponding to the specified CID from the control unit 226 .
  • the decoding unit 217 a then generates an initialization vector from the frame number and the index. The same initialization vector generation method that is used at the time of encryption is adopted.
  • Step S 37 The decoding unit 217 a divides a payload of a MAC-PDU into encrypted blocks the bit length of which corresponds to a cryptographic algorithm to be used. The decoding unit 217 a then decodes the encrypted blocks and an ICV by the use of the common key acquired in step S 36 and the initialization vector generated in step S 36 .
  • the decoding unit 217 a uses the ICV for checking whether the payload is falsified or not. However, if an ICV is not added, then integrity is not checked. If the payload passes the check or integrity is not checked, then the packet reproduction unit 217 outputs the data packet obtained to the data processing unit 218 .
  • Step S 38 The control unit 226 increments an index corresponding to the CID specified in step S 36 (adds one to an index corresponding to the CID specified in step S 36 ) and updates the key management table. Step S 35 is then performed.
  • the mobile station 200 generates an initialization vector from a frame number of a radio frame and an index for a MAC-PDU the destination of which is the mobile station 200 , and decodes the MAC-PDU by the use of the initialization vector and a common key acquired in advance from the base station 100 .
  • the frame number is used for generating the initialization vector. Accordingly, the initialization vector used by the base station 100 can be reproduced easily and the amount of information added to the MAC-PDU is reduced.
  • the control unit 226 has no need to count the number of MAC-PDUs decoded.
  • the decoding unit 217 a can generate the initialization vector by the use of an index added to each MAC-PDU.
  • FIG. 14 illustrates an example of a decoding method.
  • FIG. 14 illustrates a concrete example of the decoding performed in the above step S 37 .
  • AES-CCM is used as the cryptographic processing method. That is to say, a MAC-PDU is decoded by the use of the counter mode and the integrity of a decoding result is checked by the use of the CBC mode.
  • a payload of a MAC-PDU is divided into determined-bit-length encrypted blocks C 1 through C n .
  • An initialization vector IV and a common key K are used next for decoding the encrypted blocks C 1 through C n and an ICV in the counter mode. That is to say, (IV+1) obtained by incrementing IV is encrypted by AES. An exclusive-OR operation is performed between an encryption result and the leading encrypted block C 1 to find a message block M 1 . Similarly, (IV+k) obtained by incrementing IV one by one is encrypted by AES. An exclusive-OR operation is performed between an encryption result and the encrypted block C k to find a message block M k . The last encrypted block C n is decoded in the same way. (IV+(n+1)) is then encrypted by AES. An exclusive-OR operation is performed between an encryption result and the ICV to find Tag # 1 .
  • checking data is generated in the CBC mode from the message blocks M 1 through M n obtained by decoding. That is to say, the leading message block M 1 is encrypted by AES.
  • An exclusive-OR operation is performed between an encryption result and the message block M 2 and an operation result is encrypted by AES.
  • the process of performing an exclusive-OR operation between an encryption result at the preceding stage and the message block M k and encrypting an operation result by AES is repeated.
  • an exclusive-OR operation is performed between an encryption result at the preceding stage and the last message block M n and an operation result is encrypted by AES. By doing so, Tag # 2 is found.
  • if Tag # 1 matches Tag # 2 , then it is confirmed that the message blocks M 1 through M n are not falsified.
  • a combination of the message blocks M 1 through M n obtained is the contents of a data packet.
  • if the ICV is not encrypted, then the ICV and Tag # 2 are compared directly. Different common keys may be used in the CBC mode and the counter mode.
  • the encrypted blocks C 1 through C n may be decoded sequentially or the whole or part of the encrypted blocks C 1 through C n may be decoded in parallel.
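The FIG. 11 initialization vector together with the FIG. 12 encryption and FIG. 14 decoding, as an added Go example that is not code from the patent: the 13-byte IV is assembled from the MAC header, reserved value, frame number and index, Tag is computed in CBC mode, blocks and Tag are encrypted with counters IV+1 through IV+(n+1), and the receiver recomputes Tag#2 and compares it with Tag#1. The counter block layout (13-byte IV followed by a 3-byte counter), zero padding of the last message block, and the sample key and header bytes are assumptions, since the page does not state them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"errors"
	"fmt"
)

const ivLen = 13 // 5-byte MAC header + 4-byte reserved + 3-byte frame number + 1-byte index
// buildIV assembles the FIG. 11 initialization vector. macHeader is the MAC header with
// its 1-byte HCS removed; the 4-byte determined value is fixed at 0x00000000 as in the text.
func buildIV(macHeader [5]byte, frameNumber uint32, index uint8) [ivLen]byte {
	var iv [ivLen]byte
	copy(iv[0:5], macHeader[:]) // iv[5:9] stays zero: the reserved value
	iv[9], iv[10], iv[11] = byte(frameNumber>>16), byte(frameNumber>>8), byte(frameNumber)
	iv[12] = index
	return iv
}

// cbcTag is the CBC-mode authentication data of FIG. 12: E(M1), then E(previous XOR Mk) for k = 2..n;
// the first 8 bytes of the last result are Tag. The last block is zero-padded (padding rule assumed).
func cbcTag(block cipher.Block, data []byte) []byte {
	state := make([]byte, aes.BlockSize) // all-zero, so the first round is plain E(M1)
	in := make([]byte, aes.BlockSize)
	for i := 0; i < len(data); i += aes.BlockSize {
		m := make([]byte, aes.BlockSize) // Mk; copy stops at the end of data, leaving zeros
		copy(m, data[i:])
		for j := range in {
			in[j] = state[j] ^ m[j]
		}
		block.Encrypt(state, in)
	}
	return append([]byte(nil), state[:8]...)
}

// ctrXor XORs data with the keystream E(IV+first), E(IV+first+1), ..., one block each.
// "IV+k" is taken to be the 13-byte IV followed by a 3-byte big-endian counter k (an
// assumption; the page gives no block layout). Encryption and decryption are the same.
func ctrXor(block cipher.Block, iv [ivLen]byte, first uint32, data []byte) []byte {
	out := make([]byte, len(data))
	ctr := make([]byte, aes.BlockSize)
	ks := make([]byte, aes.BlockSize)
	copy(ctr, iv[:])
	for i := 0; i < len(data); i += aes.BlockSize {
		k := first + uint32(i/aes.BlockSize)
		ctr[13], ctr[14], ctr[15] = byte(k>>16), byte(k>>8), byte(k)
		block.Encrypt(ks, ctr)
		for j := i; j < len(data) && j < i+aes.BlockSize; j++ {
			out[j] = data[j] ^ ks[j-i]
		}
	}
	return out
}

// encryptPDU is the sender side (FIG. 12): Tag over M1..Mn, C_k = E(IV+k) XOR M_k for
// k = 1..n, then ICV = E(IV+(n+1)) XOR Tag. Returns payload || ICV (MAC header and CRC omitted).
func encryptPDU(key []byte, iv [ivLen]byte, packet []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	n := uint32((len(packet) + aes.BlockSize - 1) / aes.BlockSize)
	payload := ctrXor(block, iv, 1, packet)
	icv := ctrXor(block, iv, n+1, cbcTag(block, packet))
	return append(payload, icv...), nil
}

// decryptPDU is the receiver side (FIG. 14): recover M_k with the same counters, recover
// Tag#1 from the ICV with IV+(n+1), recompute Tag#2 in CBC mode and compare the two.
func decryptPDU(key []byte, iv [ivLen]byte, pdu []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(pdu) < 8 {
		return nil, errors.New("MAC-PDU shorter than the 8-byte ICV")
	}
	payload, icv := pdu[:len(pdu)-8], pdu[len(pdu)-8:]
	n := uint32((len(payload) + aes.BlockSize - 1) / aes.BlockSize)
	packet := ctrXor(block, iv, 1, payload)
	tag1 := ctrXor(block, iv, n+1, icv)
	tag2 := cbcTag(block, packet)
	if subtle.ConstantTimeCompare(tag1, tag2) != 1 {
		return nil, errors.New("ICV mismatch: payload falsified, or wrong key or IV")
	}
	return packet, nil
}

func main() {
	key := []byte("0123456789abcdef")             // constructed 16-byte common key "Key#a"
	hdr := [5]byte{0x40, 0x00, 0x2a, 0x00, 0x01} // constructed MAC header without its HCS
	pdu, _ := encryptPDU(key, buildIV(hdr, 0x000123, 0), []byte("constructed data packet"))
	got, err := decryptPDU(key, buildIV(hdr, 0x000123, 0), pdu)
	fmt.Printf("%q %v\n", got, err)
	_, err = decryptPDU(key, buildIV(hdr, 0x000123, 1), pdu) // wrong index: ICV must fail
	fmt.Println(err)
}
```

A receiver that has lost count of the PDUs in a frame builds the wrong index, and therefore the wrong IV, so the ICV check rejects the PDU instead of delivering a wrongly decoded packet.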
  • FIG. 15 is a first flow chart of a key update process. It is assumed that the mobile station 200 requests the base station 100 to change a common key. This process is performed repeatedly by the mobile station 200 . The process illustrated in FIG. 15 will now be described in order of step number.
  • Step S 41 The control unit 226 determines whether a common key for a connection currently established has been acquired from the base station 100 . For example, when the mobile station 200 newly accesses the base station 100 , there is no common key. If there is a common key, then step S 42 is performed. If there is no common key, then step S 44 is performed.
  • Step S 42 The control unit 226 compares time which has elapsed after the acquisition of the common key with an available period of which the mobile station 200 is informed by the base station 100 at the time of acquiring the common key, and determines whether the available period expires soon (for example, whether the rest of the available period is shorter than determined time). If the available period does not expire soon, then step S 43 is performed. If the available period expires soon, then step S 44 is performed.
  • Step S 43 The control unit 226 compares a frame number at the time of acquiring the common key with a current frame number, and determines whether a frame number soon becomes equal to the number at the time of acquiring the common key (for example, whether the number of radio frames which remain until a frame number becomes equal to the number at the time of acquiring the common key is smaller than a determined number). If a frame number does not soon become equal to the number at the time of acquiring the common key, then the process terminates. If a frame number soon becomes equal to the number at the time of acquiring the common key, then step S 44 is performed.
  • Step S 44 The control unit 226 generates control information (PKM-REQ, for example) for requesting a change in common key and outputs the control information to the PDU generation unit 221 .
  • This control information is included in a radio frame and is transmitted to the base station 100 .
  • Step S 45 The control unit 226 acquires control information (PKM-RSP, for example) including a common key and its available period and a frame number of a radio frame including the control information from the control information extraction unit 216 .
  • the control unit 226 then registers the common key acquired in the key management table stored in the table storage unit 225 , and holds the available period and the frame number acquired.
  • When the mobile station 200 makes a connection with the base station 100 , the mobile station 200 acquires a common key used for encrypting and decoding a data packet from the base station 100 in this way. After that, the mobile station 200 requests the base station 100 to change the common key before the available period designated by the base station 100 elapses. Furthermore, even before the available period elapses, the mobile station 200 requests the base station 100 to change the common key before the frame number becomes equal to the number at the time of acquiring the common key. This can prevent (for at least a sufficiently long time) a combination of the same common key and the same initialization vector from being used for encrypting a plurality of data packets.
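The key update decision of steps S 41 through S 43, as an added Go example rather than code from the patent: the frame-number check works modulo the 24-bit circulation cycle, so it stays correct when the current frame number has already wrapped past zero. The two thresholds ("determined time" and "determined number"), the per-frame duration and the sample values are assumptions.

```go
package main

import (
	"fmt"
	"time"
)

const frameModulus = 1 << 24 // a 24-bit frame number returns to zero after its maximum value

// KeyState is what the mobile station holds after step S45: whether it has a common key,
// when the key was acquired, the available period announced in the PKM-RSP, and the frame
// number of the radio frame that carried that PKM-RSP.
type KeyState struct {
	HaveKey         bool
	AcquiredAt      time.Time
	AvailablePeriod time.Duration
	AcquiredFrame   uint32
}

// framesUntilRepeat counts the radio frames left until the circulating frame number again
// equals the number recorded when the key was acquired (0 means it is equal right now).
func framesUntilRepeat(acquiredFrame, currentFrame uint32) uint32 {
	return (acquiredFrame - currentFrame) & (frameModulus - 1)
}

// needsKeyUpdate runs steps S41 to S43 of FIG. 15 and reports whether a PKM-REQ should be
// sent now, with the step that triggered it. The page leaves the two thresholds ("determined
// time", "determined number") open, so timeMargin and frameMargin are parameters here.
func needsKeyUpdate(ks KeyState, now time.Time, currentFrame uint32,
	timeMargin time.Duration, frameMargin uint32) (bool, string) {
	if !ks.HaveKey {
		return true, "S41: no common key for this connection"
	}
	if ks.AvailablePeriod-now.Sub(ks.AcquiredAt) < timeMargin {
		return true, "S42: available period expires soon"
	}
	if framesUntilRepeat(ks.AcquiredFrame, currentFrame) < frameMargin {
		return true, "S43: frame number is about to equal the acquisition frame number"
	}
	return false, "" // keep using the current key
}

func main() {
	// Constructed values: key acquired 10 minutes ago in frame 0x00FF00 with a 1-hour
	// available period. Assuming 5 ms frames, a margin of 200 frames is one second.
	ks := KeyState{HaveKey: true, AcquiredAt: time.Now().Add(-10 * time.Minute),
		AvailablePeriod: time.Hour, AcquiredFrame: 0x00FF00}
	for _, frame := range []uint32{0x00FF80, 0x00FE50} {
		update, why := needsKeyUpdate(ks, time.Now(), frame, 5*time.Minute, 200)
		fmt.Printf("frame %06x: update=%v %s\n", frame, update, why)
	}
}
```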
  • the base station 100 may manage the timing at which the common key is updated.
  • each data packet can be encrypted on the basis of a common key and an initialization vector. Accordingly, even if the same common key is used for encrypting a plurality of data packets, a decrease in safety can be prevented.
  • an initialization vector is generated by the use of a frame number of a radio frame by which a data packet is transmitted and the order in which the data packet is stored in the radio frame. Therefore, information for reproducing the initialization vector at a receiving end can be removed from information added to the data packet and the amount of communication can be reduced.
  • the timing at which a common key is updated is related to the timing at which a frame number becomes equal to a number at the time of acquiring the common key. This can prevent a combination of the same common key and the same initialization vector from being used for encrypting a plurality of data packets and increase safety.
  • In a mobile communication system according to a second embodiment, a common key can be updated more easily in a cycle different from the frame number circulation cycle.
  • the mobile communication system according to the second embodiment can be realized by a base station and a mobile station. This base station and mobile station can be realized by the same module structures that are illustrated in FIGS. 3 and 4 respectively.
  • the second embodiment will now be described by the use of the same numerals that are used in FIGS. 3 and 4 .
  • FIG. 16 illustrates a second example of the structure of a key management table.
  • a key management table 125 b is stored in a table storage unit 125 of a base station 100 .
  • a table which is the same as the key management table 125 b is stored in a table storage unit 225 of a mobile station 200 .
  • the key management table 125 b includes CID, Common Key, Index, and Extension Parameter items. Pieces of information in these items arranged in the horizontal direction are associated with one another.
  • CID, Common Key, and Index items are the same as those of the CID, Common Key, and Index items, respectively, in the key management table 125 a in the first embodiment illustrated in FIG. 5 .
  • a value is set in the Extension Parameter item which indicates, with the bit length (24 bits, for example) of a frame number as reference, by how many bits the frame number is extended or shrunk when it is used in an initialization vector.
  • 0 means that a bit string indicative of a frame number is all included in an initialization vector.
  • a negative value means that a frame number shrunk is used, that is to say, part of a bit string is deleted.
  • the value “-2” means that a frame number the 2 highest-order bits of which are deleted is used for generating an initialization vector.
  • a positive value means that a frame number extended is used, that is to say, an extension bit is added to a frame number.
  • a value which is incremented each time the frame number becomes equal to a number at the time of acquiring the common key can be used as an extension bit.
  • the value “4” means that a frame number to which 4 highest-order bits are added is used for generating an initialization vector. In this case, it is possible to make a common key update cycle 16 times a frame number circulation cycle.
  • a value of a current extension bit is also registered in the key management table 125 b .
  • when the base station 100 distributes a common key to the mobile station 200 , the base station 100 initializes the extension bit to zero. After that, the extension bit is incremented each time the frame number becomes equal to the number at the time of acquiring the common key.
  • Each of the base station 100 and the mobile station 200 may manage the current extension bit. Alternatively, one of the base station 100 and the mobile station 200 may manage the current extension bit and inform the other of it on a regular or irregular basis.
  • the base station 100 can inform the mobile station 200 of an extension parameter as control information.
  • the base station 100 may transmit the PKM-RSP which is illustrated in FIG. 9 and which includes the extension parameter to the mobile station 200 .
  • the base station 100 informs the mobile station 200 of the extension parameter.
  • the extension parameter can be represented as, for example, a 4-bit integer with a sign.
  • FIG. 17 illustrates a second example of an initialization vector.
  • the bit length of an initialization vector is 13 bytes (104 bits).
  • This initialization vector includes a 5-byte MAC header, a 3-byte determined value (reserved value), a 1-byte iteration count, a 3-byte frame number, and a 1-byte index.
  • the meanings of the MAC header, the determined value, and the index are the same as those of the MAC header, the determined value, and the index, respectively, included in the initialization vector in the first embodiment illustrated in FIG. 11 .
  • the iteration count is a bit string including the above extension bit. In this example, up to eight extension bits can be set. If the number of extension bits is smaller than eight, the remaining bits of the iteration count are set to zero.
  • the frame number is a frame number of a radio frame used for transmitting a data packet encrypted. This is the same with the first embodiment. However, if a frame number shrunk is used, then the highest-order bits corresponding to a portion by which the frame number is shrunk are set to zero.
  • For example, if an extension parameter is set to “0,” all the bits of the iteration count are set to zero and all the bits of the frame number are included in an initialization vector. If an extension parameter is set to “-2,” all the bits of the iteration count are set to zero and the frame number with zeros substituted for its 2 highest-order bits is included in an initialization vector.
  • If an extension parameter is set to “4,” the 4 highest-order bits of the iteration count are set to zero, the 4 lowest-order bits of the iteration count correspond to the number of times the frame number has circulated, and all the bits of the frame number are included in an initialization vector.
  • An initialization vector is generated by combining the above five kinds of bit strings.
  • various modifications of the order in which the above five kinds of bit strings are arranged are possible.
  • various modifications of the above bit lengths are possible.
  • the mobile station 200 changes an extension bit (increments an extension bit, for example) added to the frame number at handover time. By doing so, the frame number is the same, but a different initialization vector is generated. This can prevent a combination of the same common key and the same initialization vector from being used for encrypting a plurality of data packets.
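The initialization vector layout and the extension parameter rules above, as an added Python example (this is not code from the patent; it follows the description's field order and lengths). It assumes the 3-byte reserved value is zero and that the iteration count holds the number of times the 24-bit frame number has circulated. It also computes how many frames one common key can protect before the same initialization vector recurs, which is the quantity the extension parameter actually tunes, and checks the handover case for both a zero and a positive parameter.

```python
# Added example (not the patent's own code): build the 13-byte initialization
# vector described above and show how the extension parameter changes the
# number of frames one common key can protect before an IV value recurs.
# Field order and lengths follow the description; the 3-byte reserved value
# is assumed to be zero, and the iteration count is assumed to hold the
# number of times the 24-bit frame number has circulated (wrap count).

FRAME_NUMBER_BITS = 24          # 3-byte frame number
ITERATION_BITS = 8              # 1-byte iteration count, at most eight extension bits
RESERVED = b"\x00\x00\x00"      # 3-byte determined (reserved) value, assumed zero


def build_iv(mac_header: bytes, wrap_count: int, frame_number: int,
             index: int, ext_param: int) -> bytes:
    """Return the IV for one MAC-PDU.

    ext_param > 0 : the ext_param lowest-order bits of the iteration count
                    carry wrap_count; the remaining high bits are zero.
    ext_param == 0: the iteration count is all zeros; the full frame number is used.
    ext_param < 0 : the iteration count is all zeros and the |ext_param|
                    highest-order bits of the frame number are replaced by
                    zeros (the "shrunk" frame number).
    """
    if len(mac_header) != 5:
        raise ValueError("MAC header must be 5 bytes")
    if not -FRAME_NUMBER_BITS < ext_param <= ITERATION_BITS:
        raise ValueError("extension parameter out of range")
    if ext_param > 0:
        iteration = wrap_count & ((1 << ext_param) - 1)
        frame_bits = FRAME_NUMBER_BITS
    else:
        iteration = 0
        frame_bits = FRAME_NUMBER_BITS + ext_param
    frame = frame_number & ((1 << frame_bits) - 1)
    return (mac_header + RESERVED + bytes([iteration])
            + frame.to_bytes(3, "big") + bytes([index & 0xFF]))


def iv_period_frames(ext_param: int) -> int:
    """Frames that can be encrypted under one key before an IV value recurs.

    A positive parameter adds wrap-count bits and multiplies the period by
    2**ext_param; a negative one drops frame-number bits and divides it by
    the same factor. This is what lets the key change cycle be chosen
    independently of the frame number circulation cycle.
    """
    return 1 << (FRAME_NUMBER_BITS + ext_param)


class FrameClock:
    """Tracks the 24-bit frame number and its wrap count on one side of the link."""

    def __init__(self) -> None:
        self.frame_number = 0
        self.wrap_count = 0

    def advance(self, frames: int = 1) -> None:
        total = self.frame_number + frames
        self.wrap_count += total >> FRAME_NUMBER_BITS
        self.frame_number = total & ((1 << FRAME_NUMBER_BITS) - 1)


SAMPLE_HEADER = b"\x00\x01\x02\x03\x04"   # constructed 5-byte MAC header


def iv_repeats_after_wrap(ext_param: int) -> bool:
    """True if the IV of frame 0 recurs after one full circulation of the
    frame number, i.e. the same (key, IV) pair would protect two packets."""
    clock = FrameClock()
    before = build_iv(SAMPLE_HEADER, clock.wrap_count, clock.frame_number, 0, ext_param)
    clock.advance(1 << FRAME_NUMBER_BITS)
    after = build_iv(SAMPLE_HEADER, clock.wrap_count, clock.frame_number, 0, ext_param)
    return before == after


def handover_iv_differs(ext_param: int, frame_number: int = 0x00ABCD) -> bool:
    """Incrementing the extension bit at handover yields a new IV for the same
    frame number only when the extension parameter actually reserves
    iteration-count bits (ext_param > 0)."""
    return (build_iv(SAMPLE_HEADER, 0, frame_number, 0, ext_param)
            != build_iv(SAMPLE_HEADER, 1, frame_number, 0, ext_param))


if __name__ == "__main__":
    for p in (0, -2, 4):
        print(f"ext_param={p:+d}: period={iv_period_frames(p)} frames, "
              f"repeats after wrap={iv_repeats_after_wrap(p)}, "
              f"handover changes IV={handover_iv_differs(p)}")
```

The last function makes a point the text leaves implicit: the handover trick of incrementing the extension bit only produces a distinct initialization vector when the extension parameter is positive, because with a zero or negative parameter the iteration count byte is forced to zero.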
  • FIG. 18 is a sequence diagram of the flow of handover control. It is assumed that the mobile station 200 switches the base station with which it communicates from the base station 100 to a base station 100a. The process illustrated in FIG. 18 will now be described in order of step number.
  • Step S51 The mobile station 200 exchanges radio frames including encrypted MAC-PDUs with the base station 100. It is assumed that the receiving power from the base station 100 falls in this state and that the mobile station 200 determines that the base station with which it makes a connection should be switched. In this case, the mobile station 200 transmits control information (MSHO-REQ) requesting handover to the base station 100.
  • MSHO-REQ control information
  • Current connection information, information regarding the communication capability of the mobile station 200, information regarding the result of a search for surrounding base stations, and the like can be included in the MSHO-REQ.
  • The mobile station 200 transmits the MSHO-REQ by the use of, for example, a UL-burst of a radio frame.
  • Step S52 The base station 100 generates control information (HO-REQ) on the basis of the information included in the MSHO-REQ received from the mobile station 200, and transmits the HO-REQ to the base station 100a, which is a candidate move destination. There may be a plurality of candidate move destinations.
  • Step S53 The base station 100a transmits control information (HO-RSP) to the base station 100 as a response to the HO-REQ received from the base station 100.
  • Information indicative of a connection condition, such as whether the base station 100a can establish a connection with the mobile station 200, whether it can guarantee QoS, or whether it can exercise high-speed handover control, can be included in the HO-RSP.
  • Step S54 The base station 100 generates control information (BSHO-RSP) on the basis of the HO-RSP received from the base station 100a, and transmits the BSHO-RSP to the mobile station 200.
  • Information indicative of a connection condition, such as whether the base station 100a can guarantee QoS, can be included in the BSHO-RSP.
  • The base station 100 transmits the BSHO-RSP by the use of, for example, a DL-burst of a radio frame.
  • Step S55 The base station 100 transmits control information (HO-ACK) to the base station 100a confirming that it has received the HO-RSP.
  • The message in step S54 and the message in step S55 can be transmitted in either order.
  • Step S56 The mobile station 200 determines the move destination base station (base station 100a, in this example) on the basis of the BSHO-RSP received from the base station 100, and transmits control information (HO-IND) indicating the move destination base station to the base station 100.
  • The mobile station 200 transmits the HO-IND by the use of, for example, a UL-burst of a radio frame.
  • Step S57 The base station 100 transmits control information (HO-CNF) giving notice that the mobile station 200 moves to the move destination base station (base station 100a) designated in the HO-IND received from the mobile station 200.
  • HO-CNF control information
  • The common key and the extension bit used by the base station 100 for communicating with the mobile station 200 can be included in the HO-CNF.
  • The extension bit is incremented after handover.
  • The extension bit may be incremented by the base station 100, which is the move source, or by the base station 100a, which is the move destination.
  • Step S58 In order to begin communicating with the base station 100a, the mobile station 200 transmits a ranging request (RNG-REQ) to the base station 100a.
  • The mobile station 200 transmits the RNG-REQ by the use of, for example, a ranging area of a radio frame.
  • Step S59 In response to the RNG-REQ received from the mobile station 200, the base station 100a transmits a ranging response (RNG-RSP) to the mobile station 200.
  • RNG-RSP ranging response
  • A CID used for communication between the base station 100a and the mobile station 200, or a flag indicating whether the common key is changed, can be included in the RNG-RSP.
  • The base station 100a transmits the RNG-RSP by the use of, for example, a DL-burst of a radio frame.
  • If the common key is changed, the mobile station 200 performs a process for acquiring a common key.
  • Otherwise, the mobile station 200 increments the extension bit it used for communicating with the base station 100.
  • The mobile station 200 should update the extension bit before encrypting or decoding a data packet.
  • In this way the base station 100a and the mobile station 200 can continue to use the common key that was in use before handover.
  • The base station 100 before the move can inform the base station 100a after the move of the extension bit via an upper station.
  • Alternatively, the mobile station 200 may inform the base station 100a after the move of the extension bit, either before or after the change.
  • A common key change cycle can easily be set to a cycle different from the frame number circulation cycle.
  • The use of an extension bit makes it possible to continue using the same common key before and after handover without decreasing safety. As a result, the load of a common key change process can be reduced and communication can be resumed rapidly after handover.
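The handover flow of steps S51 to S59, as an added message-level simulation in Python (not code from the patent). Message names come from the text; the field names inside each message, which base station increments the extension bit, and the final consistency check are assumptions made for this example. Only the "common key unchanged" outcome of RNG-RSP is modelled; a changed key would start the key acquisition process instead, which is not shown. The third scenario below is the misconfiguration in which both base stations increment the extension bit, which the text's "either one" wording rules out, and shows why: the mobile station and the destination end up with different values.

```python
# Added example (not the patent's own code): a message-level simulation of the
# handover flow in steps S51 to S59 above, tracking the common key and the
# extension bit on the mobile station, the source base station and the
# destination base station. Message names come from the text; the field
# names inside each message, the choice of which base station increments the
# extension bit, and the mismatch check are assumptions made for this example.

from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class Station:
    name: str
    common_key: bytes = b""
    ext_bit: int = 0       # extension bit (iteration count) added to the frame number


@dataclass
class Trace:
    messages: List[Tuple[str, str, str, Dict]] = field(default_factory=list)

    def send(self, src: str, dst: str, kind: str, **fields) -> Dict:
        self.messages.append((src, dst, kind, dict(fields)))
        return dict(fields)

    def kinds(self) -> List[str]:
        return [m[2] for m in self.messages]


def run_handover(ms: Station, source: Station, dest: Station,
                 incremented_by: str = "source") -> Trace:
    """Run S51-S59. incremented_by is "source" or "dest" (the text allows
    either base station to increment the extension bit); "both" reproduces
    the misconfiguration where each side increments independently."""
    trace = Trace()
    # S51: the mobile station requests handover on a UL-burst.
    trace.send(ms.name, source.name, "MSHO-REQ", candidates=[dest.name])
    # S52, S53: the source asks the candidate, which reports its connection condition.
    trace.send(source.name, dest.name, "HO-REQ", ms=ms.name)
    trace.send(dest.name, source.name, "HO-RSP", accept=True, qos_guaranteed=True)
    # S54, S55: the source answers the mobile station and acknowledges the candidate.
    trace.send(source.name, ms.name, "BSHO-RSP", qos_guaranteed=True)
    trace.send(source.name, dest.name, "HO-ACK")
    # S56: the mobile station names its destination.
    trace.send(ms.name, source.name, "HO-IND", destination=dest.name)
    # S57: HO-CNF carries the common key and the extension bit to the destination.
    if incremented_by in ("source", "both"):
        source.ext_bit += 1
    ho_cnf = trace.send(source.name, dest.name, "HO-CNF",
                        common_key=source.common_key, ext_bit=source.ext_bit)
    dest.common_key = ho_cnf["common_key"]
    dest.ext_bit = ho_cnf["ext_bit"]
    if incremented_by in ("dest", "both"):
        dest.ext_bit += 1
    # S58, S59: ranging; RNG-RSP tells the mobile station the key is unchanged.
    trace.send(ms.name, dest.name, "RNG-REQ")
    rng_rsp = trace.send(dest.name, ms.name, "RNG-RSP", cid=0x1234, key_changed=False)
    if not rng_rsp["key_changed"]:
        # The mobile station keeps its key and updates the extension bit
        # before encrypting or decoding anything with the destination.
        ms.ext_bit += 1
    return trace


def in_sync(ms: Station, bs: Station) -> bool:
    """Both ends must hold the same key and extension bit; otherwise every
    IV they build for the same frame number differs and decryption fails."""
    return ms.common_key == bs.common_key and ms.ext_bit == bs.ext_bit


EXPECTED_SEQUENCE = ["MSHO-REQ", "HO-REQ", "HO-RSP", "BSHO-RSP", "HO-ACK",
                     "HO-IND", "HO-CNF", "RNG-REQ", "RNG-RSP"]


def simulate(incremented_by: str) -> Tuple[List[str], bool, int, int]:
    """Constructed scenario: the same key and extension bit 3 are shared before handover."""
    ms = Station("MS 200", b"constructed-key", 3)
    source = Station("BS 100", b"constructed-key", 3)
    dest = Station("BS 100a")
    trace = run_handover(ms, source, dest, incremented_by)
    return trace.kinds(), in_sync(ms, dest), ms.ext_bit, dest.ext_bit


if __name__ == "__main__":
    for who in ("source", "dest", "both"):
        kinds, ok, ms_bit, dest_bit = simulate(who)
        print(f"incremented by {who}: in sync={ok}, MS bit={ms_bit}, dest bit={dest_bit}")
```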
  • Common key update timing can also depend on the number of data packets encrypted.
  • The mobile communication system according to the third embodiment can be realized by a base station and a mobile station. These can be realized by the same module structures illustrated in FIGS. 3 and 4, respectively.
  • The third embodiment will now be described by the use of the same numerals that are used in FIGS. 3 and 4.
  • FIG. 19 illustrates a third example of the structure of a key management table.
  • A key management table 125c is stored in a table storage unit 125 of a base station 100.
  • A table which is the same as the key management table 125c is stored in a table storage unit 225 of a mobile station 200.
  • The key management table 125c includes CID, Common Key, Index, and PDU Number items. Pieces of information in these items arranged in the horizontal direction are associated with one another.
  • The meanings of the CID, Common Key, and Index items are the same as those of the CID, Common Key, and Index items, respectively, in the key management table 125a in the first embodiment illustrated in FIG. 5.
  • The number of MAC-PDUs for which a common key has been used is set in the PDU Number item. When a common key is acquired, the number set in the PDU Number item is initialized to zero. Each time the common key is used for encrypting or decoding, the number set in the PDU Number item is incremented.
  • A maximum PDU number may be set in advance as an upper limit on the continuous use of the same common key.
  • The base station 100 can inform the mobile station 200 of the maximum PDU number as control information.
  • For example, the base station 100 may transmit the PKM-RSP illustrated in FIG. 9, with the maximum PDU number included, to the mobile station 200. By doing so, the base station 100 informs the mobile station 200 of the maximum PDU number.
  • The maximum PDU number can be represented as, for example, a 4-byte (32-bit) integer.
  • FIG. 20 is a second flow chart of a key update process. It is assumed that the mobile station 200 requests the base station 100 to change a common key. This process is performed repeatedly by the mobile station 200. The process illustrated in FIG. 20 will now be described in order of step number.
  • Step S61 A control unit 226 determines whether a common key for the connection currently established has been acquired from the base station 100. If there is a common key, step S62 is performed. If there is no common key, step S65 is performed.
  • Step S62 The control unit 226 compares the time elapsed since the acquisition of the common key with the available period of which the base station 100 informed the mobile station 200 when the common key was acquired, and determines whether the available period expires soon. If the available period does not expire soon, step S63 is performed. If the available period expires soon, step S65 is performed.
  • Step S63 The control unit 226 compares the frame number at the time the common key was acquired with the current frame number, and determines whether the frame number will soon return to the value it had when the common key was acquired. If it will not soon return to that value, step S64 is performed. If it will, step S65 is performed.
  • Step S64 The control unit 226 compares the number of PDUs encrypted or decoded with the current common key with the maximum PDU number of which the base station 100 informed the mobile station 200, and determines whether the maximum PDU number is reached soon (for example, whether the difference between the maximum PDU number and the current PDU number is smaller than a predetermined number). If the maximum PDU number is not reached soon, the process terminates. If the maximum PDU number is reached soon, step S65 is performed.
  • Step S65 The control unit 226 generates control information (PKM-REQ, for example) requesting a change of common key and outputs the control information to a PDU generation unit 221.
  • This control information is included in a radio frame and is transmitted to the base station 100.
  • Step S66 The control unit 226 acquires, from a control information extraction unit 216, control information (PKM-RSP, for example) including a common key, its available period, and a maximum PDU number, together with the frame number of the radio frame that carried the control information.
  • The control unit 226 then registers the acquired common key in the key management table stored in the table storage unit 225, and resets the PDU number.
  • The control unit 226 holds the acquired available period and frame number.
  • In this way the mobile station 200 requests the base station 100 to change the common key even before the available period designated by the base station 100 elapses and before the frame number returns to its value at the time the common key was acquired. As a result, the decrease in safety that would otherwise be caused when a large number of MAC-PDUs are transmitted or received in a short period of time can be prevented.
  • Alternatively, the base station 100 may manage the timing at which the common key is updated.
  • The same effect that is achieved by the first embodiment can be obtained. Furthermore, by using the mobile communication system according to the third embodiment, it is possible to make common key update timing depend on the number of times a common key is used. As a result, the safety of encrypted communication can be increased further. An embodiment obtained by combining the second embodiment and the third embodiment is possible.
  • In addition, the amount of communication performed when an encrypted data packet is transmitted or received can be controlled.
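The key management table of FIG. 19 and the key update decision of FIG. 20 (steps S61 to S66), as an added Python example on the mobile station side (not code from the patent). The three "soon" margins (time, frames, PDUs) are parameters of the example, the table is an in-memory dictionary keyed by CID, and the scenario values in the usage are constructed rather than taken from the text. The frame number check handles the wrap-around of the 24-bit frame number, so a key acquired a few frames before the number circulates is still treated correctly.

```python
# Added example (not the patent's own code): the mobile station's key update
# decision of FIG. 20 (steps S61 to S66) over an in-memory key management
# table holding CID, common key, index and PDU number (FIG. 19). The three
# "soon" margins are parameters; the values used in the scenario below are
# constructed, not taken from the text.

from dataclasses import dataclass
from typing import Dict, Optional

FRAME_NUMBER_MODULUS = 1 << 24   # the 3-byte frame number circulates every 2**24 frames


@dataclass
class KeyEntry:
    common_key: bytes
    index: int
    pdu_number: int = 0             # MAC-PDUs encrypted or decoded with this key
    acquired_at: float = 0.0        # time the key was acquired (seconds)
    acquired_frame: int = 0         # frame number of the radio frame carrying PKM-RSP
    available_period: float = 0.0   # seconds the base station allows for this key
    max_pdu_number: int = 0         # upper limit announced in PKM-RSP (32-bit integer)


class KeyManager:
    """Mobile-station side of the key management table and the update check."""

    def __init__(self, time_margin: float, frame_margin: int, pdu_margin: int) -> None:
        self.table: Dict[int, KeyEntry] = {}   # CID -> entry
        self.time_margin = time_margin         # "expires soon" threshold, seconds
        self.frame_margin = frame_margin       # "returns soon" threshold, frames
        self.pdu_margin = pdu_margin           # "limit reached soon" threshold, PDUs

    def register(self, cid: int, common_key: bytes, index: int, now: float,
                 frame_number: int, available_period: float, max_pdu_number: int) -> None:
        """Step S66: store the key from PKM-RSP and reset the PDU number."""
        self.table[cid] = KeyEntry(common_key, index, 0, now, frame_number,
                                   available_period, max_pdu_number)

    def use_key(self, cid: int) -> bytes:
        """Return the key for one encryption or decryption and count the use."""
        entry = self.table[cid]
        entry.pdu_number += 1
        return entry.common_key

    def key_change_reason(self, cid: int, now: float, frame_number: int) -> Optional[str]:
        """Steps S61-S64: return why PKM-REQ should be sent, or None."""
        entry = self.table.get(cid)
        if entry is None:                                                           # S61
            return "no common key"
        if now - entry.acquired_at >= entry.available_period - self.time_margin:    # S62
            return "available period expires soon"
        elapsed = (frame_number - entry.acquired_frame) % FRAME_NUMBER_MODULUS      # S63
        remaining = FRAME_NUMBER_MODULUS - elapsed   # frames until the number recurs
        if remaining <= self.frame_margin:
            return "frame number returns soon"
        if entry.max_pdu_number - entry.pdu_number < self.pdu_margin:              # S64
            return "maximum PDU number reached soon"
        return None

    def pkm_req(self, cid: int, now: float, frame_number: int) -> Optional[Dict]:
        """Step S65: the key change request handed to the PDU generation unit."""
        reason = self.key_change_reason(cid, now, frame_number)
        if reason is None:
            return None
        return {"type": "PKM-REQ", "cid": cid, "reason": reason}


if __name__ == "__main__":
    # Constructed scenario: 600 s period, 50-PDU limit, key acquired at frame 1000.
    km = KeyManager(time_margin=5.0, frame_margin=100, pdu_margin=10)
    km.register(1, b"constructed-key", 0, now=0.0, frame_number=1000,
                available_period=600.0, max_pdu_number=50)
    for _ in range(41):
        km.use_key(1)
    print(km.pkm_req(1, now=10.0, frame_number=1001))
```

The PDU count is incremented by the same routine that hands out the key, so the check in step S64 cannot be bypassed by a caller that forgets to update the table; a base station implementation would mirror the same table to manage the timing itself.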

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/065977 WO2010026637A1 (ja) 2008-09-04 2008-09-04 Sending apparatus, receiving apparatus, sending method, and receiving method

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2008/065977 Continuation WO2010026637A1 (ja) 2008-09-04 2008-09-04 Sending apparatus, receiving apparatus, sending method, and receiving method

Publications (2)

Publication Number Publication Date
US20110138173A1 US20110138173A1 (en) 2011-06-09
US8538021B2 true US8538021B2 (en) 2013-09-17

Family

ID=41796825

Family Applications (1)

Application Number Title Priority Date Filing Date
US13/025,551 Expired - Fee Related US8538021B2 (en) 2008-09-04 2011-02-11 Sending apparatus, receiving apparatus, sending method, and receiving method

Country Status (4)

Country Link
US (1) US8538021B2 (zh)
JP (1) JP5338816B2 (zh)
CN (1) CN102144370B (zh)
WO (1) WO2010026637A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9270456B1 (en) * 2012-02-16 2016-02-23 Google Inc. System and methodology for decrypting encrypted media
US9900287B1 (en) 2014-09-12 2018-02-20 Verily Life Sciences, LLC Transmitting sensitive information securely over unsecured networks without authentication

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102484791A (zh) * 2010-05-19 2012-05-30 三洋电机株式会社 Base station apparatus
DE102012208836A1 (de) * 2012-05-25 2013-11-28 Siemens Aktiengesellschaft Method and device for generating cryptographically protected redundant data packets
CN103491534B (zh) * 2012-06-13 2016-05-18 株式会社理光 Transmitting device, receiving device, communication system, and control method thereof
US9264404B1 (en) * 2012-08-15 2016-02-16 Marvell International Ltd. Encrypting data using time stamps
US9785173B2 (en) * 2013-03-15 2017-10-10 General Electric Company Wireless communication systems and methods for intelligent electronic devices
DE102014208212A1 (de) * 2014-04-30 2015-11-05 Siemens Aktiengesellschaft Deriving a device-specific value
JP6382148B2 (ja) * 2014-05-08 2018-08-29 日本放送協会 Transmitting apparatus and receiving apparatus
US9876767B2 (en) * 2014-05-09 2018-01-23 Alcatel Lucent Secure device-to-device (D2D) communication
US9585013B2 (en) * 2014-10-29 2017-02-28 Alcatel Lucent Generation of multiple shared keys by user equipment and base station using key expansion multiplier
SG11201704361XA (en) * 2014-12-03 2017-06-29 Nagravision Sa Block cryptographic method for encrypting/decrypting messages and cryptographic devices for implementing this method
CN104640091B (zh) * 2015-01-13 2019-10-18 董红伟 Encrypted communication method for mobile phone short messages
US9432340B1 (en) * 2015-05-07 2016-08-30 Bogart Associates System and method for secure end-to-end chat system
KR101952351B1 (ko) * 2016-08-12 2019-03-21 진우솔루션 주식회사 Communication security method and system using equipment without a unique network number
CN106452743B (zh) * 2016-09-26 2020-01-31 深圳市紫光同创电子有限公司 Communication key acquisition method and apparatus, and communication message decryption method and apparatus
WO2018090339A1 (zh) * 2016-11-18 2018-05-24 海能达通信股份有限公司 Wireless communication method, apparatus, and communication device
JP6834771B2 (ja) * 2017-05-19 2021-02-24 富士通株式会社 Communication apparatus and communication method
US11190528B2 (en) * 2017-11-28 2021-11-30 Avago Technologies International Sales Pte. Limited Light-weight mechanism for checking message integrity in data packets
CN108768974A (zh) * 2018-05-16 2018-11-06 深圳市沃特沃德股份有限公司 Method and apparatus for forming registration information
US10937339B2 (en) * 2019-01-10 2021-03-02 Bank Of America Corporation Digital cryptosystem with re-derivable hybrid keys
CN110650016B (zh) * 2019-09-02 2022-09-23 南京南瑞继保电气有限公司 Method for securing network data of an AC/DC control and protection system
CN114697051B (zh) * 2020-12-25 2024-01-09 华为技术有限公司 Method, apparatus, and system for securely transmitting data
CN116455587A (zh) * 2022-01-05 2023-07-18 西安西电捷通无线网络通信股份有限公司 Method, apparatus, and device for secure data transmission

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0585140A (ja) 1991-04-10 1993-04-06 Nissan Motor Co Ltd Vehicle suspension
WO1999048296A1 (en) 1998-03-16 1999-09-23 Intertrust Technologies Corporation Methods and apparatus for continuous control and protection of media content
CN1283063A (zh) 1999-09-09 2001-02-07 深圳市中兴通讯股份有限公司 Mobile phone encryption method
US20030044011A1 (en) * 2000-03-01 2003-03-06 Jukka Vialen Counter initialization, particularly for radio frames
US20040131014A1 (en) * 2003-01-03 2004-07-08 Microsoft Corporation Frame protocol and scheduling system
JP2005176335A (ja) 2003-11-20 2005-06-30 Ntt Docomo Inc Communication apparatus and communication control method
JP2006352490A (ja) 2005-06-15 2006-12-28 Ntt Docomo Inc Concealing device and concealing method
WO2007030074A1 (en) 2005-09-09 2007-03-15 Telefonaktiebolaget Lm Ericsson (Publ) Methods for secure and bandwidth efficient cryptographic synchronization
US20080095368A1 (en) * 2006-10-20 2008-04-24 Fujitsu Limited Symmetric key generation apparatus and symmetric key generation method
WO2008054320A2 (en) 2006-11-01 2008-05-08 Telefonaktiebolaget Lm Ericsson (Publ) Telecommunication systems and encryption of control messages in such systems
US20080170691A1 (en) * 2005-03-10 2008-07-17 Sung-Cheol Chang Encryption And Decryption Device In Wireless Portable Internet System,And Method Thereof
WO2009026300A2 (en) 2007-08-20 2009-02-26 Qualcomm Incorporated Method and apparatus for generating a cryptosync

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0585140U (ja) * 1992-04-21 1993-11-16 三菱電機株式会社 Data encryption device

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0585140A (ja) 1991-04-10 1993-04-06 Nissan Motor Co Ltd Vehicle suspension
WO1999048296A1 (en) 1998-03-16 1999-09-23 Intertrust Technologies Corporation Methods and apparatus for continuous control and protection of media content
JP2002507868A (ja) 1998-03-16 2002-03-12 インタートラスト テクノロジーズ コーポレイション Method and apparatus for continuous control and protection of media content
CN1283063A (zh) 1999-09-09 2001-02-07 深圳市中兴通讯股份有限公司 Mobile phone encryption method
US20030044011A1 (en) * 2000-03-01 2003-03-06 Jukka Vialen Counter initialization, particularly for radio frames
US20040131014A1 (en) * 2003-01-03 2004-07-08 Microsoft Corporation Frame protocol and scheduling system
JP2005176335A (ja) 2003-11-20 2005-06-30 Ntt Docomo Inc Communication apparatus and communication control method
US20080170691A1 (en) * 2005-03-10 2008-07-17 Sung-Cheol Chang Encryption And Decryption Device In Wireless Portable Internet System,And Method Thereof
JP2006352490A (ja) 2005-06-15 2006-12-28 Ntt Docomo Inc Concealing device and concealing method
US20090220079A1 (en) 2005-06-15 2009-09-03 Ntt Docomo, Inc. Concealing device and concealing method
WO2007030074A1 (en) 2005-09-09 2007-03-15 Telefonaktiebolaget Lm Ericsson (Publ) Methods for secure and bandwidth efficient cryptographic synchronization
US20080095368A1 (en) * 2006-10-20 2008-04-24 Fujitsu Limited Symmetric key generation apparatus and symmetric key generation method
WO2008054320A2 (en) 2006-11-01 2008-05-08 Telefonaktiebolaget Lm Ericsson (Publ) Telecommunication systems and encryption of control messages in such systems
WO2009026300A2 (en) 2007-08-20 2009-02-26 Qualcomm Incorporated Method and apparatus for generating a cryptosync

Non-Patent Citations (7)

* Cited by examiner, † Cited by third party
Title
First Notification of Office Action issued for corresponding Chinese Patent Application No. 200880130952.8, issued May 30, 2013, with full English translation.
IEEE Computer Society and the IEEE Microwave Theory and Techniques Society, Sponsored by the LAN/MAN Standards Committee; IEEE Std. 802.16-2004; (Revision of IEEE Std. 802.16-2001); "IEEE Standard for Local and metropolitan area networks; Part 16: Air Interface for Fixed Broadband Wireless Access Systems"; IEEE, 3 Park Avenue, New York, NY 10016-5997, USA; Dated Oct. 1, 2004; [Print: SH95246; PDF: SS95246].
IEEE Computer Society and the IEEE Microwave Theory and Techniques Society; Sponsored by the LAN/MAN Standards Committee; IEEE Std. 802.16e-2005 and IEEE Std. 802.16-2004/Cor1-2005 (Amendment and Corrigendum to IEEE Std. 802.16 16-2004); "Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems; Amendment 2: Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands and Corrigendum 1"; IEEE, 3 Park Avenue, New York, NY 10016-5997, USA; Dated Feb. 28, 2006.
IEEE Computer Society Sponsored by the LAN/MAN Standards Committee; IEEE Standard for Information technology-Telecommunications and information exchange between systems-Local and metropolitan area networks-Specific.requirements; Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications; IEEE Std. 802.11-2007 (Revision of IEEE Std. 802.11-1999); IEEE, 3 Park Avenue, New York, NY 10016-5997, USA; Dated Jun. 12, 2007. [Ref.: ISR mailed Dec. 2, 2008].
International Search Report issued for corresponding International Patent Application No. PCT/JP2008/065977, mailed Dec. 2, 2008.
Office Action issued for corresponding Japanese Patent Application No. 2010-527622, issued Dec. 25, 2012, with English translation.
R. Housley; Internet Engineering Task Force (IETF); Vigil Security, RFC4309-Network Working Group Request for Comments: 4309; Category: Standards Track; "Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)" Dated: Dec. 2005.

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9270456B1 (en) * 2012-02-16 2016-02-23 Google Inc. System and methodology for decrypting encrypted media
US9900287B1 (en) 2014-09-12 2018-02-20 Verily Life Sciences, LLC Transmitting sensitive information securely over unsecured networks without authentication
US10728224B1 (en) 2014-09-12 2020-07-28 Verily Life Sciences Llc Transmitting sensitive information securely over unsecured networks without authentication
US11765139B1 (en) 2014-09-12 2023-09-19 Verily Life Sciences Llc Transmitting sensitive information securely over unsecured networks without authentication

Also Published As

Publication number Publication date
CN102144370B (zh) 2015-04-15
JPWO2010026637A1 (ja) 2012-01-26
WO2010026637A1 (ja) 2010-03-11
CN102144370A (zh) 2011-08-03
US20110138173A1 (en) 2011-06-09
JP5338816B2 (ja) 2013-11-13

Legal Events

Date Code Title Description
AS Assignment

Owner name: FUJITSU LIMITED, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:OKUDA, MASATO;REEL/FRAME:025796/0153

Effective date: 20110113

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20210917